VDB
CVE-2021-33896
CVE-2021-33896
PUBLISHED
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators.
EPSS 0.51% · 66.6th percentile
Risk Scores
EPSS Score
0.51%
66.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:20.04:LTS | dino-im | 0, 0.0.git20190916.f746ce7-1, 0.0.git20191002.7adb0e8-1 |
| Ubuntu:18.04:LTS | dino-im | 0, 0.0.git20180130-1, 0.0.git20180130-1ubuntu0.1 |
Timeline
- Jun 7, 2021 CVE Published
- Jun 8, 2021 EPSS Score
- Jun 13, 2021 EPSS Score
- Jun 19, 2021 EPSS Score
- Aug 9, 2021 EPSS Score
- Oct 9, 2021 EPSS Score
- Dec 8, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 7, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 9, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-33896 third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/06/07/2 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-33896 third-party-advisory